CVE-2018-8244

MEDIUM

Microsoft Outlook - Privilege Escalation

Title source: llm
STIX 2.1

Description

An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041107
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104323

Scores

CVSS v3 6.5
EPSS 0.0485
EPSS Percentile 91.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (5)
microsoft/office 2016
microsoft/outlook 2010 sp2
microsoft/outlook 2013 sp1
microsoft/outlook 2016
microsoft/outlook_rt 2013 sp1
Published Jun 14, 2018
Tracked Since Feb 18, 2026